ahmido
6f8eb28ca2
## Summary - add the Spec 180 tenant backup-health resolver and value objects to derive absent, stale, degraded, healthy, and schedule-follow-up posture from existing backup and schedule truth - surface backup posture and reason-driven drillthroughs in the tenant dashboard and preserve continuity on backup-set and backup-schedule destinations - add deterministic local/testing browser-fixture seeding plus a local fixture-login helper for the blocked drillthrough `403` scenario, along with the related spec artifacts and focused regression coverage ## Testing - `vendor/bin/sail artisan test --compact tests/Feature/Auth/BackupHealthBrowserFixtureLoginTest.php tests/Feature/Console/TenantpilotSeedBackupHealthBrowserFixtureCommandTest.php` - `vendor/bin/sail artisan test --compact tests/Unit/Support/BackupHealth/TenantBackupHealthResolverTest.php tests/Feature/Filament/DashboardKpisWidgetTest.php tests/Feature/Filament/NeedsAttentionWidgetTest.php tests/Feature/Filament/TenantDashboardTruthAlignmentTest.php tests/Feature/Filament/TenantDashboardTenantScopeTest.php tests/Feature/Filament/TenantDashboardDbOnlyTest.php tests/Feature/Filament/BackupSetListContinuityTest.php tests/Feature/Filament/BackupSetEnterpriseDetailPageTest.php tests/Feature/BackupScheduling/BackupScheduleLifecycleTest.php tests/Feature/Auth/BackupHealthBrowserFixtureLoginTest.php tests/Feature/Console/TenantpilotSeedBackupHealthBrowserFixtureCommandTest.php` ## Notes - Filament v5 / Livewire v4 compliant; no panel-provider change was needed, so `bootstrap/providers.php` remains unchanged - no new globally searchable resource was introduced, so global-search behavior is unchanged - no new destructive action was added; existing destructive actions and confirmation behavior remain unchanged - no new asset registration was added; the existing deploy-time `php artisan filament:assets` step remains sufficient - the local fixture login helper route is limited to `local` and `testing` environments - the focused and broader Spec 180 packs are green; the full suite was not rerun after these changes Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #212
333 lines
12 KiB
PHP
333 lines
12 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Filament\Widgets\Dashboard\BaselineCompareNow;
|
|
use App\Filament\Widgets\Dashboard\NeedsAttention;
|
|
use App\Models\BackupItem;
|
|
use App\Models\BackupSchedule;
|
|
use App\Models\BackupSet;
|
|
use App\Models\BaselineProfile;
|
|
use App\Models\BaselineSnapshot;
|
|
use App\Models\BaselineTenantAssignment;
|
|
use App\Models\Finding;
|
|
use App\Models\FindingException;
|
|
use App\Models\OperationRun;
|
|
use App\Support\Baselines\BaselineCompareReasonCode;
|
|
use App\Support\OperationRunOutcome;
|
|
use App\Support\OperationRunStatus;
|
|
use App\Support\OperationRunType;
|
|
use Carbon\CarbonImmutable;
|
|
use Filament\Facades\Filament;
|
|
use Livewire\Livewire;
|
|
|
|
function createTruthAlignedDashboardTenant(): array
|
|
{
|
|
[$user, $tenant] = createUserWithTenant(role: 'owner');
|
|
|
|
$profile = BaselineProfile::factory()->active()->create([
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
'name' => 'Baseline A',
|
|
]);
|
|
|
|
$snapshot = BaselineSnapshot::factory()->create([
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
'baseline_profile_id' => (int) $profile->getKey(),
|
|
]);
|
|
|
|
$profile->update(['active_snapshot_id' => (int) $snapshot->getKey()]);
|
|
|
|
BaselineTenantAssignment::factory()->create([
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
'tenant_id' => (int) $tenant->getKey(),
|
|
'baseline_profile_id' => (int) $profile->getKey(),
|
|
]);
|
|
|
|
return [$user, $tenant, $profile, $snapshot];
|
|
}
|
|
|
|
function seedTrustworthyCompare(array $tenantContext): void
|
|
{
|
|
[$user, $tenant, $profile, $snapshot] = $tenantContext;
|
|
|
|
OperationRun::factory()->create([
|
|
'tenant_id' => (int) $tenant->getKey(),
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
'type' => OperationRunType::BaselineCompare->value,
|
|
'status' => OperationRunStatus::Completed->value,
|
|
'outcome' => OperationRunOutcome::Succeeded->value,
|
|
'completed_at' => now()->subHour(),
|
|
'context' => [
|
|
'baseline_profile_id' => (int) $profile->getKey(),
|
|
'baseline_snapshot_id' => (int) $snapshot->getKey(),
|
|
'baseline_compare' => [
|
|
'reason_code' => BaselineCompareReasonCode::NoDriftDetected->value,
|
|
'coverage' => [
|
|
'effective_types' => ['deviceConfiguration'],
|
|
'covered_types' => ['deviceConfiguration'],
|
|
'uncovered_types' => [],
|
|
'proof' => true,
|
|
],
|
|
],
|
|
],
|
|
]);
|
|
}
|
|
|
|
afterEach(function (): void {
|
|
CarbonImmutable::setTestNow();
|
|
});
|
|
|
|
it('suppresses calm dashboard wording when stale and terminal operations both need attention', function (): void {
|
|
$tenantContext = createTruthAlignedDashboardTenant();
|
|
[$user, $tenant] = $tenantContext;
|
|
$this->actingAs($user);
|
|
|
|
seedTrustworthyCompare($tenantContext);
|
|
|
|
OperationRun::factory()->create([
|
|
'tenant_id' => (int) $tenant->getKey(),
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
'type' => 'inventory_sync',
|
|
'status' => OperationRunStatus::Queued->value,
|
|
'outcome' => OperationRunOutcome::Pending->value,
|
|
'created_at' => now()->subHour(),
|
|
]);
|
|
|
|
OperationRun::factory()->create([
|
|
'tenant_id' => (int) $tenant->getKey(),
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
'type' => 'policy.sync',
|
|
'status' => OperationRunStatus::Completed->value,
|
|
'outcome' => OperationRunOutcome::Failed->value,
|
|
]);
|
|
|
|
Filament::setCurrentPanel(Filament::getPanel('tenant'));
|
|
Filament::setTenant($tenant, true);
|
|
|
|
Livewire::test(NeedsAttention::class)
|
|
->assertSee('Active operations look stale')
|
|
->assertSee('Terminal operations need follow-up')
|
|
->assertSee('Open stale operations')
|
|
->assertSee('Open terminal follow-up')
|
|
->assertDontSee('Current governance and findings signals look trustworthy.');
|
|
|
|
Livewire::test(BaselineCompareNow::class)
|
|
->assertSee('Action required')
|
|
->assertSee('operation')
|
|
->assertSee('Open operations')
|
|
->assertDontSee('Aligned');
|
|
});
|
|
|
|
it('suppresses compare calmness when high-severity active findings remain open', function (): void {
|
|
$tenantContext = createTruthAlignedDashboardTenant();
|
|
[$user, $tenant] = $tenantContext;
|
|
$this->actingAs($user);
|
|
|
|
seedTrustworthyCompare($tenantContext);
|
|
|
|
Finding::factory()->for($tenant)->create([
|
|
'status' => Finding::STATUS_TRIAGED,
|
|
'severity' => Finding::SEVERITY_CRITICAL,
|
|
'finding_type' => Finding::FINDING_TYPE_PERMISSION_POSTURE,
|
|
]);
|
|
|
|
Filament::setCurrentPanel(Filament::getPanel('tenant'));
|
|
Filament::setTenant($tenant, true);
|
|
|
|
Livewire::test(NeedsAttention::class)
|
|
->assertSee('High severity active findings')
|
|
->assertSee('Open findings')
|
|
->assertDontSee('Current governance and findings signals look trustworthy.');
|
|
|
|
Livewire::test(BaselineCompareNow::class)
|
|
->assertSee('Action required')
|
|
->assertSee('high-severity active finding')
|
|
->assertSee('Open findings')
|
|
->assertDontSee('Aligned');
|
|
});
|
|
|
|
it('keeps healthy operations-only activity separate from governance attention', function (): void {
|
|
$tenantContext = createTruthAlignedDashboardTenant();
|
|
[$user, $tenant] = $tenantContext;
|
|
$this->actingAs($user);
|
|
|
|
seedTrustworthyCompare($tenantContext);
|
|
|
|
$healthyBackup = BackupSet::factory()->for($tenant)->create([
|
|
'name' => 'Healthy truth-aligned backup',
|
|
'item_count' => 1,
|
|
'completed_at' => now()->subMinutes(30),
|
|
]);
|
|
|
|
BackupItem::factory()->for($tenant)->for($healthyBackup)->create([
|
|
'payload' => ['id' => 'healthy-policy'],
|
|
'metadata' => [],
|
|
'assignments' => [],
|
|
]);
|
|
|
|
OperationRun::factory()->create([
|
|
'tenant_id' => (int) $tenant->getKey(),
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
'type' => 'inventory_sync',
|
|
'status' => OperationRunStatus::Running->value,
|
|
'outcome' => OperationRunOutcome::Pending->value,
|
|
'created_at' => now()->subMinute(),
|
|
'started_at' => now()->subMinute(),
|
|
]);
|
|
|
|
Filament::setCurrentPanel(Filament::getPanel('tenant'));
|
|
Filament::setTenant($tenant, true);
|
|
|
|
Livewire::test(NeedsAttention::class)
|
|
->assertSee('Current governance and findings signals look trustworthy.')
|
|
->assertSee('Operations are active')
|
|
->assertDontSee('Terminal operations need follow-up')
|
|
->assertDontSee('Active operations look stale');
|
|
|
|
Livewire::test(BaselineCompareNow::class)
|
|
->assertSee('Aligned')
|
|
->assertSee('No action needed')
|
|
->assertDontSee('Action required');
|
|
});
|
|
|
|
it('keeps overdue and governance-lapsed attention actionable without falling back to calm wording', function (): void {
|
|
$tenantContext = createTruthAlignedDashboardTenant();
|
|
[$user, $tenant] = $tenantContext;
|
|
$this->actingAs($user);
|
|
|
|
seedTrustworthyCompare($tenantContext);
|
|
|
|
Finding::factory()->for($tenant)->create([
|
|
'status' => Finding::STATUS_TRIAGED,
|
|
'due_at' => now()->subDay(),
|
|
]);
|
|
|
|
$lapsedFinding = Finding::factory()->for($tenant)->create([
|
|
'status' => Finding::STATUS_RISK_ACCEPTED,
|
|
]);
|
|
|
|
FindingException::query()->create([
|
|
'workspace_id' => (int) $tenant->workspace_id,
|
|
'tenant_id' => (int) $tenant->getKey(),
|
|
'finding_id' => (int) $lapsedFinding->getKey(),
|
|
'requested_by_user_id' => (int) $user->getKey(),
|
|
'owner_user_id' => (int) $user->getKey(),
|
|
'approved_by_user_id' => (int) $user->getKey(),
|
|
'status' => FindingException::STATUS_ACTIVE,
|
|
'current_validity_state' => FindingException::VALIDITY_MISSING_SUPPORT,
|
|
'request_reason' => 'Lapsed governance',
|
|
'approval_reason' => 'Approved',
|
|
'requested_at' => now()->subDays(5),
|
|
'approved_at' => now()->subDays(4),
|
|
'effective_from' => now()->subDays(4),
|
|
'review_due_at' => now()->subDay(),
|
|
'expires_at' => now()->subDay(),
|
|
'evidence_summary' => ['reference_count' => 0],
|
|
]);
|
|
|
|
Filament::setCurrentPanel(Filament::getPanel('tenant'));
|
|
Filament::setTenant($tenant, true);
|
|
|
|
Livewire::test(NeedsAttention::class)
|
|
->assertSee('Overdue findings')
|
|
->assertSee('Lapsed accepted-risk governance')
|
|
->assertSee('Open findings')
|
|
->assertDontSee('Current governance and findings signals look trustworthy.');
|
|
|
|
Livewire::test(BaselineCompareNow::class)
|
|
->assertSee('Action required')
|
|
->assertSee('Open findings')
|
|
->assertDontSee('Aligned');
|
|
});
|
|
|
|
it('suppresses calm dashboard wording when the latest backup basis is stale even if older history looked healthier', function (): void {
|
|
CarbonImmutable::setTestNow(CarbonImmutable::create(2026, 4, 7, 12, 0, 0, 'UTC'));
|
|
|
|
$tenantContext = createTruthAlignedDashboardTenant();
|
|
[$user, $tenant] = $tenantContext;
|
|
$this->actingAs($user);
|
|
|
|
seedTrustworthyCompare($tenantContext);
|
|
|
|
$olderHealthy = BackupSet::factory()->for($tenant)->create([
|
|
'name' => 'Older healthy backup',
|
|
'item_count' => 1,
|
|
'completed_at' => now()->subDays(3),
|
|
]);
|
|
|
|
BackupItem::factory()->for($tenant)->for($olderHealthy)->create([
|
|
'payload' => ['id' => 'healthy-policy'],
|
|
'metadata' => [],
|
|
'assignments' => [],
|
|
]);
|
|
|
|
$latestStale = BackupSet::factory()->for($tenant)->create([
|
|
'name' => 'Latest stale backup',
|
|
'item_count' => 1,
|
|
'completed_at' => now()->subDays(2),
|
|
]);
|
|
|
|
BackupItem::factory()->for($tenant)->for($latestStale)->create([
|
|
'payload' => ['id' => 'stale-policy'],
|
|
'metadata' => [],
|
|
'assignments' => [],
|
|
]);
|
|
|
|
Filament::setCurrentPanel(Filament::getPanel('tenant'));
|
|
Filament::setTenant($tenant, true);
|
|
|
|
Livewire::test(NeedsAttention::class)
|
|
->assertSee('Latest backup is stale')
|
|
->assertDontSee('Backups are recent and healthy')
|
|
->assertDontSee('Current governance and findings signals look trustworthy.');
|
|
});
|
|
|
|
it('adds positive backup calmness only when the latest backup basis is recent, clean, and schedules do not need follow-up', function (): void {
|
|
CarbonImmutable::setTestNow(CarbonImmutable::create(2026, 4, 7, 12, 0, 0, 'UTC'));
|
|
|
|
$tenantContext = createTruthAlignedDashboardTenant();
|
|
[$user, $tenant] = $tenantContext;
|
|
$this->actingAs($user);
|
|
|
|
seedTrustworthyCompare($tenantContext);
|
|
|
|
$healthyBackup = BackupSet::factory()->for($tenant)->create([
|
|
'name' => 'Healthy backup',
|
|
'item_count' => 1,
|
|
'completed_at' => now()->subMinutes(20),
|
|
]);
|
|
|
|
BackupItem::factory()->for($tenant)->for($healthyBackup)->create([
|
|
'payload' => ['id' => 'healthy-policy'],
|
|
'metadata' => [],
|
|
'assignments' => [],
|
|
]);
|
|
|
|
Filament::setCurrentPanel(Filament::getPanel('tenant'));
|
|
Filament::setTenant($tenant, true);
|
|
|
|
Livewire::test(NeedsAttention::class)
|
|
->assertSee('Backups are recent and healthy')
|
|
->assertDontSee('Backup schedules need follow-up');
|
|
|
|
BackupSchedule::query()->create([
|
|
'tenant_id' => (int) $tenant->getKey(),
|
|
'name' => 'Overdue dashboard schedule',
|
|
'is_enabled' => true,
|
|
'timezone' => 'UTC',
|
|
'frequency' => 'daily',
|
|
'time_of_day' => '01:00:00',
|
|
'days_of_week' => null,
|
|
'policy_types' => ['deviceConfiguration'],
|
|
'include_foundations' => true,
|
|
'retention_keep_last' => 30,
|
|
'last_run_at' => null,
|
|
'last_run_status' => null,
|
|
'next_run_at' => now()->subHours(2),
|
|
]);
|
|
|
|
Livewire::test(NeedsAttention::class)
|
|
->assertSee('Backup schedules need follow-up')
|
|
->assertDontSee('Backups are recent and healthy');
|
|
});
|